19 ipsec vpn – PLANET SG-500 User Manual
SG-500 VPN Security Gateway User’s Manual
4.19 IPSec VPN
The SG-500 uses VPN to set up a safe and private network service, combined with a remote authentication
system, in order to integrate the enterprise's remote networks and PCs. It also gives the enterprise and
remote users a safe, encrypted way to deliver data with the best efficiency. This saves the manager
a lot of trouble.
【IPSec Autokey】: The system manager can create a VPN connection using Autokey IKE. Autokey IKE
(Internet Key Exchange) provides a standard method to negotiate keys between two security gateways. The
system manager also sets up the IPSec Lifetime and Preshared Key of the SG-500.
How to use the VPN?
To set up a Virtual Private Network (VPN), you need to configure an Access Policy that includes the IPSec
Autokey settings of the Tunnel to make a VPN connection.
Define the required fields of VPN:
RSA:
A public-key cryptosystem for encryption and authentication.
Preshared Key:
The IKE VPN must be defined with a Preshared Key. The Key may be up to 128 bytes long.
ISAKMP (Internet Security Association Key Management Protocol):
An extensible protocol-encoding scheme that complies with the Internet Key Exchange (IKE) framework
for establishment of Security Associations (SAs).
Main Mode:
This is another form of the first phase of the Oakley protocol for establishing a security association,
but instead of the three packets used in aggressive mode, it uses six packets.
Aggressive mode:
This is the first phase of the Oakley protocol in establishing a security association using three data
packets.
AH (Authentication Header):
One of the IPSec standards that allows for data integrity of data packets.
ESP (Encapsulating Security Payload):